From: | PostgreSQL Global Development Group <announce-noreply(at)postgresql(dot)org> |
---|---|
To: | PostgreSQL Announce <pgsql-announce(at)lists(dot)postgresql(dot)org> |
Subject: | PostgreSQL is now a CVE Numbering Authority (CNA) |
Date: | 2024-01-18 20:00:39 |
Message-ID: | 170560803915.664.7446821114417423023@wrigleys.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-announce |
The PostgreSQL Security team is pleased to announce that PostgreSQL is now a CVE Numbering Authority (CNA). A CNA has responsibilities for assigning CVE IDs and participating in responsible disclosure with projects within its scope. You can find out more information about the role of PostgreSQL as a CNA on the [PostgreSQL security](https://www.postgresql.org/support/security/) page:
[https://www.postgresql.org/support/security/](https://www.postgresql.org/support/security/)
The process for reporting a security vulnerability in PostgreSQL has not changed. If you believe you have discovered a security vulnerability in PostgreSQL, please send an email to [security(at)postgresql(dot)org](mailto:security(at)postgresql(dot)org). For more information on what is considered a vulnerability and the reporting process, please review the [PostgreSQL security](https://www.postgresql.org/support/security/) page:
[https://www.postgresql.org/support/security/](https://www.postgresql.org/support/security/)
You can find the original announcement on PostgreSQL being added as a CNA on the CVE page:
Attachment | Content-Type | Size |
---|---|---|
image/png | 20.7 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | CSPUG (Czech and Slovak PostgreSQL Users Group) via PostgreSQL Announce | 2024-01-22 17:04:19 | Prague PostgreSQL Developer Day 2024 / Call for Papers & Sponsors |
Previous Message | Nordic PGDay via PostgreSQL Announce | 2024-01-17 13:32:33 | Nordic PGDay 2024 - Schedule announced and open for registration |